Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
*.oath.coach
*.oathcoaching.com

I ran this command:
On my Mac OS 10.14, I run sudo certbot certonly --manual and get the necessary DNS TXT entries. I added them to my DNS entries but they don’t seem to be propagating out from GoDaddy to the world

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

GoDaddy

I can login to a root shell on my machine (yes or no, or I don’t know):

don’t know but I have cPanel access

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

GoDaddy Cpanel

Is there some way that I can use upload a file to my domain webserver in order to authenticate?

You have to enter “_acme-challenge” into your control panel instead of “_acme-challenge.oath.coach” or the other FQDN.

By the way, a wildcard certificate for *.example.com does not apply to https://example.com/. If you want to secure that too, you need to get certificates including both example.com and *.example.com. (And you’ll have to set twice as many TXT records.)

Let’s Encrypt requires DNS validation for wildcard certificates. If you would prefer to use HTTP validation, you can’t use wildcards. (Let’s Encrypt certificates can include up to 100 names.)

You don’t need multiple certificates. You can have one certificate with multiple names. But if you want https://oath.coach/ and https://oathcoaching.com/ to work – as well as their subdomains – you need to include oath.coach and oathcoaching.com in the certificate(s).

You can organize it however you want. A single Let’s Encrypt certificate can cover up to 100 names, any number of which can be wildcards (or not), and which don’t have to be related to one another in any particular way (as long as they’re all controlled by the person requesting the certificate!). The certificate will be equally valid for each of the names listed on it.

Thank you. Could you tell me how you’re getting that, since I don’t seem to be getting the same results as you are. It’s been a few years since I had to go looking for DNS stuff, but nslookup isn’t doing what I thought it should. Probably some Apple weirdness.